#github-actions (2023-08)
Discussions related to GitHub Actions
2023-08-01
![johncblandii avatar](https://avatars.slack-edge.com/2020-04-14/1062347993890_6fd142c15ffef426eeba_72.png)
Anyone know of a good way to set a timeout using ecspresso when editing the config file is not an option?
![Gabriela Campana (Cloud Posse) avatar](https://avatars.slack-edge.com/2023-05-17/5281506983315_fbbf3b358313efef4647_72.jpg)
@Igor Rodionov
![johncblandii avatar](https://avatars.slack-edge.com/2020-04-14/1062347993890_6fd142c15ffef426eeba_72.png)
In order to automate this through our CD process, we need to define a timeout through a CLI flag and not through editing a file.
If there isn’t a way to handle this, please add a flag to handle this. If there is a way, I’d love to know it.
2023-08-02
![actions Archives - The GitHub Blog avatar](https://a.slack-edge.com/80588/img/services/rss_72.png)
GitHub Actions: Required Workflows will move to Repository Rules GitHub Actions: Required Workflows will move to Repository Rules
GitHub Actions: Required Workflows will move to Repository Rules
2023-08-04
![actions Archives - The GitHub Blog avatar](https://a.slack-edge.com/80588/img/services/rss_72.png)
[Private Beta] Jenkins Scripted Pipeline Migrations [Private Beta] Jenkins Scripted Pipeline Migrations
[Private Beta] Jenkins Scripted Pipeline Migrations
2023-08-10
![actions Archives - The GitHub Blog avatar](https://a.slack-edge.com/80588/img/services/rss_72.png)
Actions runs triggered from tags or forks with the same name as a protected branch will now be blocked Actions Runs triggered from tags or forks with the same name as a protected branch will now be blocked The post Actions runs triggered from tags or forks with the same name as a protected branch will now be blocked appeared first on The GitHub Blog.
Actions Runs triggered from tags or forks with the same name as a protected branch will now be blocked
Updates, ideas, and inspiration from GitHub to help developers build and design software.
2023-08-15
![Soren Jensen avatar](https://avatars.slack-edge.com/2022-03-29/3335297940336_31e10a3485a2bd8c35af_72.png)
Anyone who can help with a GitHub Action. I’m trying to check if any relevant files has changed, if so run some test steps, if not just end the pipeline with success to make the GitHub required step pass.
required-test:
name: required-test
runs-on: ubuntu-latest
environment: production
strategy:
fail-fast: false
matrix:
python-version: [ '3.11' ]
steps:
- uses: actions/checkout@v3
with:
fetch-depth: 0
- name: Check if any files changed
id: changed-files
uses: tj-actions/changed-files@v37
with:
files: |
.github/workflows/test_project2.yml
test_project2/**
- name: Run step if no files changed
if: steps.changed-files.outputs.any_changed == 'false'
run: |
echo "No relevant files changed. Return success"
exit 0
- name: Test
run: |
echo "test"
But even with the exit 0 the step Test is run and depending jobs also run. How do I exit the full workflow here?
![Pawel Rein avatar](https://secure.gravatar.com/avatar/2edc79b674965d581cf87be764783889.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0024-72.png)
Didn’t you mean to do exit 1
? with exit code 0 it’s a success and the workflow continues. That however fails the run and you may not want that. At the price of duplication if there’s more steps to follow, you can include the condition to every step
if: steps.changed-files.outputs.any_changed == 'true'
I guess this is the very thing you wanted to avoid
![Pawel Rein avatar](https://secure.gravatar.com/avatar/2edc79b674965d581cf87be764783889.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0024-72.png)
you could also split jobs so job1 only runs changed-files action and exposed an output and then job2 runs based on the if condition - no need to duplicate to all steps
![Soren Jensen avatar](https://avatars.slack-edge.com/2022-03-29/3335297940336_31e10a3485a2bd8c35af_72.png)
My main issue is I want the test job to be required for PR’s. So if files in a certain folder has changed run the tests, if not changed in that folder the test will just return success to make the required test pass in the PR to allow it to be merged into main.
![Pawel Rein avatar](https://secure.gravatar.com/avatar/2edc79b674965d581cf87be764783889.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0024-72.png)
I see, I can’t think of any GHA native way to achieve it
![Gabriela Campana (Cloud Posse) avatar](https://avatars.slack-edge.com/2023-05-17/5281506983315_fbbf3b358313efef4647_72.jpg)
@Dan Miller (Cloud Posse)
![Dan Miller (Cloud Posse) avatar](https://avatars.slack-edge.com/2021-08-12/2389147782305_5729c9d69c393852d209_72.jpg)
I’m not familiar with tj-actions/changed-files
, but we do something similiar with Atmos and the github-action-atmos-affected-stacks action
A composite workflow that runs the atmos describe affected command
![Pawel Rein avatar](https://secure.gravatar.com/avatar/2edc79b674965d581cf87be764783889.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0024-72.png)
It doesn’t matter how you detect the affected stacks or changed files. You get a bool on the output and the question is what you can do with it to end the pipeline cleanly based on it
![Darren Cunningham avatar](https://secure.gravatar.com/avatar/d0ea359c3ff6b8093ae53e57fbbe2570.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0022-72.png)
this might work https://stackoverflow.com/a/75809743/398012
I want to exit a job if a specific condition is met: jobs: foo: steps: …
- name: Early exit run: exit_with_success # I want to know what command I should write here …
![Soren Jensen avatar](https://avatars.slack-edge.com/2022-03-29/3335297940336_31e10a3485a2bd8c35af_72.png)
Yes, I tried this with no success the exit isn’t working
I want to exit a job if a specific condition is met: jobs: foo: steps: …
- name: Early exit run: exit_with_success # I want to know what command I should write here …
![Darren Cunningham avatar](https://secure.gravatar.com/avatar/d0ea359c3ff6b8093ae53e57fbbe2570.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0022-72.png)
are you looking at the comment that I linked? it doesn’t use exit
…
![Darren Cunningham avatar](https://secure.gravatar.com/avatar/d0ea359c3ff6b8093ae53e57fbbe2570.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0022-72.png)
accepted answers can be misleading
![Soren Jensen avatar](https://avatars.slack-edge.com/2022-03-29/3335297940336_31e10a3485a2bd8c35af_72.png)
Yes
![Soren Jensen avatar](https://avatars.slack-edge.com/2022-03-29/3335297940336_31e10a3485a2bd8c35af_72.png)
gh run cancel ${{ github.run_id }}
gh run watch ${{ github.run_id }}
This is actually working to stop the workflow, unfortunately I need the test to return success to make the PR checks pass.
2023-08-16
2023-08-18
![johncblandii avatar](https://avatars.slack-edge.com/2020-04-14/1062347993890_6fd142c15ffef426eeba_72.png)
Looks like our GHA are failing with:
Error saving credentials: error storing credentials - err: exit status 1, out: not implemented
I see multiple issues discussing this (https://github.com/docker/login-action/issues/515), but none of them have an outright solution. Has anyone encountered this?
We’re using https://github.com/cloudposse/github-action-docker-build-push for our build/push
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
Just a random guess, host machine is out of disk space
![johncblandii avatar](https://avatars.slack-edge.com/2020-04-14/1062347993890_6fd142c15ffef426eeba_72.png)
doesn’t seem to be the case
![johncblandii avatar](https://avatars.slack-edge.com/2020-04-14/1062347993890_6fd142c15ffef426eeba_72.png)
@Jeremy G (Cloud Posse) does this ring a bell? I saw you commenting back in 2020 on this issue: https://github.com/awslabs/amazon-ecr-credential-helper/issues/102
Hi there,
I got the strange error:
~/build/dashevo/dashdrive$ eval $(aws ecr get-login --no-include-email)
WARNING! Using --password via the CLI is insecure. Use --password-stdin.
Error saving credentials: error storing credentials - err: exit status 1, out: `not implemented`
~/build/dashevo/dashdrive$ cat ~/.docker/config.json
{
"credsStore":"ecr-login"
}
~/build/dashevo/dashdrive$ docker-credential-ecr-login version
0.6.0
~/build/dashevo/dashdrive$ docker version
Client:
Version: 18.04.0-ce
API version: 1.37
Go version: go1.9.4
Git commit: 3d479c0
Built: Tue Apr 10 18:21:14 2018
OS/Arch: linux/amd64
Experimental: false
Orchestrator: swarm
Server:
Engine:
Version: 18.04.0-ce
API version: 1.37 (minimum version 1.12)
Go version: go1.9.4
Git commit: 3d479c0
Built: Tue Apr 10 18:19:24 2018
OS/Arch: linux/amd64
Experimental: false
Credentials exported as env vars:
Setting environment variables from repository settings
$ export AWS_SECRET_ACCESS_KEY=[secure]
$ export AWS_ACCESS_KEY_ID=[secure]
$ export AWS_DEFAULT_REGION=[secure]
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
@Igor Rodionov
![johncblandii avatar](https://avatars.slack-edge.com/2020-04-14/1062347993890_6fd142c15ffef426eeba_72.png)
the weird thing is we’ve made no changes to the set up. this is all the same as it was before and it just fails
![johncblandii avatar](https://avatars.slack-edge.com/2020-04-14/1062347993890_6fd142c15ffef426eeba_72.png)
of course it is right before the very moment we need it lol
![Igor Rodionov avatar](https://secure.gravatar.com/avatar/bc70834d32ed4517568a1feb0b9be7e2.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0015-72.png)
@johncblandii know this case
![Igor Rodionov avatar](https://secure.gravatar.com/avatar/bc70834d32ed4517568a1feb0b9be7e2.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0015-72.png)
sec
![Igor Rodionov avatar](https://secure.gravatar.com/avatar/bc70834d32ed4517568a1feb0b9be7e2.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0015-72.png)
try this
![Igor Rodionov avatar](https://secure.gravatar.com/avatar/bc70834d32ed4517568a1feb0b9be7e2.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0015-72.png)
tee -a /github-runners/docker-config.json <<EOF
{
"credHelpers": {
"ecr.us-east-1.amazonaws.com": "ecr-login",
"ecr.us-east-2.amazonaws.com": "ecr-login",
"ecr.us-west-1.amazonaws.com": "ecr-login",
"ecr.us-west-2.amazonaws.com": "ecr-login",
"ecr.af-south-1.amazonaws.com": "ecr-login",
"ecr.ap-east-1.amazonaws.com": "ecr-login",
"ecr.ap-southeast-3.amazonaws.com": "ecr-login",
"ecr.ap-south-1.amazonaws.com": "ecr-login",
"ecr.ap-northeast-3.amazonaws.com": "ecr-login",
"ecr.ap-northeast-2.amazonaws.com": "ecr-login",
"ecr.ap-southeast-1.amazonaws.com": "ecr-login",
"ecr.ap-southeast-2.amazonaws.com": "ecr-login",
"ecr.ap-northeast-1.amazonaws.com": "ecr-login",
"ecr.ca-central-1.amazonaws.com": "ecr-login",
"ecr.eu-central-1.amazonaws.com": "ecr-login",
"ecr.eu-west-1.amazonaws.com": "ecr-login",
"ecr.eu-west-2.amazonaws.com": "ecr-login",
"ecr.eu-south-1.amazonaws.com": "ecr-login",
"ecr.eu-west-3.amazonaws.com": "ecr-login",
"ecr.eu-north-1.amazonaws.com": "ecr-login",
"ecr.me-south-1.amazonaws.com": "ecr-login",
"ecr.sa-east-1.amazonaws.com": "ecr-login"
}
}
![johncblandii avatar](https://avatars.slack-edge.com/2020-04-14/1062347993890_6fd142c15ffef426eeba_72.png)
add that to the user data?
![Igor Rodionov avatar](https://secure.gravatar.com/avatar/bc70834d32ed4517568a1feb0b9be7e2.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0015-72.png)
yea
![johncblandii avatar](https://avatars.slack-edge.com/2020-04-14/1062347993890_6fd142c15ffef426eeba_72.png)
we have this in there:
mkdir -p /root/.docker
echo '{ "credsStore": "ecr-login" }' >/root/.docker/config.json
mkdir -p /home/ec2-user/.docker
echo '{ "credsStore": "ecr-login" }' >/home/ec2-user/.docker/config.json
![johncblandii avatar](https://avatars.slack-edge.com/2020-04-14/1062347993890_6fd142c15ffef426eeba_72.png)
should the path match?
![Igor Rodionov avatar](https://secure.gravatar.com/avatar/bc70834d32ed4517568a1feb0b9be7e2.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0015-72.png)
no
![johncblandii avatar](https://avatars.slack-edge.com/2020-04-14/1062347993890_6fd142c15ffef426eeba_72.png)
ok, gotcha
![Igor Rodionov avatar](https://secure.gravatar.com/avatar/bc70834d32ed4517568a1feb0b9be7e2.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0015-72.png)
my path is from our module
![Igor Rodionov avatar](https://secure.gravatar.com/avatar/bc70834d32ed4517568a1feb0b9be7e2.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0015-72.png)
that docker-config.json should be like that
![johncblandii avatar](https://avatars.slack-edge.com/2020-04-14/1062347993890_6fd142c15ffef426eeba_72.png)
ok, have to step away, but i’ll run this in a few
![Jeremy G (Cloud Posse) avatar](https://avatars.slack-edge.com/2020-07-04/1229022582372_22757dbc9ef96d371614_72.jpg)
For GHA, did you give the job write permission?
permissions:
contents: write
IIRC, in a GitHub Action using official Docker actions, you do not need to have any credential helpers or .docker/config.json
, just use the docker/login-action
action (which is done for you by cloudposse/github-action-docker-build-push).
![johncblandii avatar](https://avatars.slack-edge.com/2020-04-14/1062347993890_6fd142c15ffef426eeba_72.png)
yes, it has that
![johncblandii avatar](https://avatars.slack-edge.com/2020-04-14/1062347993890_6fd142c15ffef426eeba_72.png)
and yes, that’s the action we’re using. it just started failing out of nowhere
![Jeremy G (Cloud Posse) avatar](https://avatars.slack-edge.com/2020-07-04/1229022582372_22757dbc9ef96d371614_72.jpg)
There was an outage. Is it still failing?
GitHub’s Status Page - Incident with Actions.
![johncblandii avatar](https://avatars.slack-edge.com/2020-04-14/1062347993890_6fd142c15ffef426eeba_72.png)
yes. it started last week
![johncblandii avatar](https://avatars.slack-edge.com/2020-04-14/1062347993890_6fd142c15ffef426eeba_72.png)
was still failing today
![johncblandii avatar](https://avatars.slack-edge.com/2020-04-14/1062347993890_6fd142c15ffef426eeba_72.png)
is failing now cuz of the tee
above, but i’m pushing a fix
![Jeremy G (Cloud Posse) avatar](https://avatars.slack-edge.com/2020-07-04/1229022582372_22757dbc9ef96d371614_72.jpg)
I don’t know, then. I haven’t seen new problems crop up recently.
![johncblandii avatar](https://avatars.slack-edge.com/2020-04-14/1062347993890_6fd142c15ffef426eeba_72.png)
yeah, reverted and it is still failing
![johncblandii avatar](https://avatars.slack-edge.com/2020-04-14/1062347993890_6fd142c15ffef426eeba_72.png)
Confirmed this was in place
permissions:
contents: write
id-token: write
![johncblandii avatar](https://avatars.slack-edge.com/2020-04-14/1062347993890_6fd142c15ffef426eeba_72.png)
cloudposse/[email protected]
![johncblandii avatar](https://avatars.slack-edge.com/2020-04-14/1062347993890_6fd142c15ffef426eeba_72.png)
confirmed adding credHelpers
didn’t help.
I created a reduced test case and docker/login-action
continues to fail no matter what I do with the same error:
Error saving credentials: error storing credentials - err: exit status 1, out:
not implemented
I’ll see what else I can find out. Definitely the worst timing to hit this bug
![johncblandii avatar](https://avatars.slack-edge.com/2020-04-14/1062347993890_6fd142c15ffef426eeba_72.png)
just adding here for context as I go.
testing on ubuntu-latest
works perfect fine on GHA.
testing on a linux2 bastion and I could easily replicate this problem
![johncblandii avatar](https://avatars.slack-edge.com/2020-04-14/1062347993890_6fd142c15ffef426eeba_72.png)
I changed this section and everything worked on the bastion. Testing this on the runners as well. So far it looks promising
mkdir -p /root/.docker
echo '{}' >/root/.docker/config.json
mkdir -p /home/ec2-user/.docker
echo '{}' >/home/ec2-user/.docker/config.json
![johncblandii avatar](https://avatars.slack-edge.com/2020-04-14/1062347993890_6fd142c15ffef426eeba_72.png)
![Jeremy G (Cloud Posse) avatar](https://avatars.slack-edge.com/2020-07-04/1229022582372_22757dbc9ef96d371614_72.jpg)
So what changed?
![johncblandii avatar](https://avatars.slack-edge.com/2020-04-14/1062347993890_6fd142c15ffef426eeba_72.png)
there is a new ami being used with the filter that came out this month
![johncblandii avatar](https://avatars.slack-edge.com/2020-04-14/1062347993890_6fd142c15ffef426eeba_72.png)
so could be something in that ami
![johncblandii avatar](https://avatars.slack-edge.com/2020-04-14/1062347993890_6fd142c15ffef426eeba_72.png)
1 sec…
![johncblandii avatar](https://avatars.slack-edge.com/2020-04-14/1062347993890_6fd142c15ffef426eeba_72.png)
amzn2-ami-hvm-2.0.20230808.0-x86_64-ebs
![johncblandii avatar](https://avatars.slack-edge.com/2020-04-14/1062347993890_6fd142c15ffef426eeba_72.png)
that date coincides with when i saw some errors
![johncblandii avatar](https://avatars.slack-edge.com/2020-04-14/1062347993890_6fd142c15ffef426eeba_72.png)
i believe this one was fine amzn2-ami-hvm-2.0.20230727.0-x86_64-ebs
![johncblandii avatar](https://avatars.slack-edge.com/2020-04-14/1062347993890_6fd142c15ffef426eeba_72.png)
or maybe the one before that. i didn’t track those as i didn’t consider it to be an AMI change
2023-08-19
![RB avatar](https://avatars.slack-edge.com/2020-02-26/958727689603_86844033e59114029b3c_72.png)
Manage your Github repo(s) settings and secrets using Github Actions and a yaml file
2023-08-21
![actions Archives - The GitHub Blog avatar](https://a.slack-edge.com/80588/img/services/rss_72.png)
Repository Actions Runners List Repository Actions Runners List The post Repository Actions Runners List appeared first on The GitHub Blog.
Updates, ideas, and inspiration from GitHub to help developers build and design software.
2023-08-22
2023-08-24
![OliverS avatar](https://avatars.slack-edge.com/2020-04-30/1107989667377_3841766be8721753183c_72.jpg)
Hi, I’m looking for findings regarding github-actions (GA) vs circleci (cci). I’ve used the latter a fair bit (a whole year of cci on some non-trivial pipeline), but my impression is that GA is significantly more powerful than cci overall. Any concrete capabilities in GA that are not or only partially in cci? Limitations in GA that are not in cci? This is for an org that has about 50 repos that build a variety of artifacts (jars, docker images, node modules) and deploy to a few places (AWS ec2 instances, lambdas, soon kubernetes). Migrating from Jenkins, the options so far are cci and GA.
![Darren Cunningham avatar](https://secure.gravatar.com/avatar/d0ea359c3ff6b8093ae53e57fbbe2570.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0022-72.png)
IMO it’s not that GHA is more powerful than CCI, it’s that they’ve done a better job getting rallying the community behind it. there are more workflows/actions that are readily available (this can also be a bad thing because devs sometimes grab workflows without really inspecting them and sometimes use :latest
which is a security risk). I think they both have all the features, I just find GHA more intuitive.
![wbrown43 avatar](https://secure.gravatar.com/avatar/9030d5a7fe78700e70e5c047901b8f00.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0006-72.png)
Hi Im looking for a way to refresh token for an Assumed role in GHA. We are running batch jobs using github actions and assumed roles and some of the batch jobs are long running up to 36 hours. Assumed roles have a default duration of 1 hour Undwer the assumed role workflow has two jobs with multiple steps.
- Submit Job with aws cli batch job command
- Check Job status
- config aws creds
- check job status loops until job succeeds or fails
After an hour times out with
An error occurred (ExpiredTokenException) when calling the DescribeJobs operation: The security token included in the request is expired"
Any help would be appreciated
![OliverS avatar](https://avatars.slack-edge.com/2020-04-30/1107989667377_3841766be8721753183c_72.jpg)
have you tried OIDC?
![Pawel Rein avatar](https://secure.gravatar.com/avatar/2edc79b674965d581cf87be764783889.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0024-72.png)
OIDC tokens have expiry too
![Gabriela Campana (Cloud Posse) avatar](https://avatars.slack-edge.com/2023-05-17/5281506983315_fbbf3b358313efef4647_72.jpg)
@Max Lobur (Cloud Posse)
![OliverS avatar](https://avatars.slack-edge.com/2020-04-30/1107989667377_3841766be8721753183c_72.jpg)
On https://docs.github.com/en/actions/using-jobs/running-jobs-in-a-container it shows how you can run a GA job in a container. I have a docker image that has build tools in a private repo in AWS ECR, so we need to generate a token (aws ecr get-login-password). Can one job generate the token and the next job uses it? Does this then prevent us from ever re-running individual jobs of a workflow?
![Gabriela Campana (Cloud Posse) avatar](https://avatars.slack-edge.com/2023-05-17/5281506983315_fbbf3b358313efef4647_72.jpg)
@Dan Miller (Cloud Posse)
![Dan Miller (Cloud Posse) avatar](https://avatars.slack-edge.com/2021-08-12/2389147782305_5729c9d69c393852d209_72.jpg)
yes absolutely. Check out this action: https://github.com/docker/login-action#aws-elastic-container-registry-ecr
![Dan Miller (Cloud Posse) avatar](https://avatars.slack-edge.com/2021-08-12/2389147782305_5729c9d69c393852d209_72.jpg)
although we typically use an AWS role that has access to ECR and assume the role with Github OIDC
![Dan Miller (Cloud Posse) avatar](https://avatars.slack-edge.com/2021-08-12/2389147782305_5729c9d69c393852d209_72.jpg)
Logs into Amazon ECR with the local Docker client.
![OliverS avatar](https://avatars.slack-edge.com/2020-04-30/1107989667377_3841766be8721753183c_72.jpg)
Thanks @Dan Miller (Cloud Posse)
![OliverS avatar](https://avatars.slack-edge.com/2020-04-30/1107989667377_3841766be8721753183c_72.jpg)
Btw I found out that if you rerun a job it automatically runs jobs that depend on it (ie have a needs
property that points to it). So it might work to re-run the password getter job, this would auto run the job that needs that password.
2023-08-25
2023-08-29
![actions Archives - The GitHub Blog avatar](https://a.slack-edge.com/80588/img/services/rss_72.png)
GitHub Actions: Review network access settings for the self-hosted runners GitHub Actions: Review network access settings for the self-hosted runners The post GitHub Actions: Review network access settings for the self-hosted runners appeared first on The GitHub Blog.
GitHub Actions: Review network access settings for the self-hosted runners
Updates, ideas, and inspiration from GitHub to help developers build and design software.
![actions Archives - The GitHub Blog avatar](https://a.slack-edge.com/80588/img/services/rss_72.png)
Update to Actions usage in Enterprise Managed User namespace repositories Update to Actions usage in Enterprise Managed User namespace repositories The post Update to Actions usage in Enterprise Managed User namespace repositories appeared first on The GitHub Blog.
Update to Actions usage in Enterprise Managed User namespace repositories
Updates, ideas, and inspiration from GitHub to help developers build and design software.